zware/JFrog-Cloud-Installers
1
0
Fork 0
mirror of https://github.com/ZwareBear/JFrog-Cloud-Installers.git synced 2026-01-21 01:06:55 -06:00
Code Issues Packages Projects Releases Wiki Activity

updates for new redhat ubi image and also temp fix for INST-550 bug

Browse Source
This commit is contained in:
John Peterson
2020-02-13 11:51:35 -08:00
parent 47efd4f31d
commit 4be8a96fb6
13 changed files with 108 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
Openshift4/artifactory-ha-operator/README.md Normal file
View File

@@ -0,0 +1,26 @@
# Openshift 4 Artifactory Operator
## Cluster Setup
###### Security Context Constraints - Anyuid + Hostpath
###### Persistent Volumes
######
## Installation types
###### OLM Catalog
To install via the OLM catalog download the operator from the Operator hub and install it via the Openshift console GUI
To test OLM catalog installs you will need to deploy the lastest ClusterServiceVersion found at:
deploy/olm-catalog/artifactory-ha-operator/X.X.X/artifactory-ha-operator.vX.X.X.clusterserviceversion.yaml
This will install the operator into whatever cluster your kubectl or oc program is currently logged into.
Please refer to Local Testing section below for full instructions.
###### Operator YAML
To install the operator via the Operator YAML first follow the steps in
###### Operator-sdk local
## Local Testing

4
Openshift4/artifactory-ha-operator/deploy/crds/charts.helm.k8s.io_v1alpha1_openshiftartifactoryha_cr.yaml
View File

@@ -50,7 +50,7 @@ spec:
path: null path: null
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: earlyaccess.jfrog.io/artifactory-pro repository: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/artifactory-pro
internalArtifactoryPort: 8081 internalArtifactoryPort: 8081
internalPort: 8082 internalPort: 8082
javaOpts: {} javaOpts: {}
@@ -759,7 +759,7 @@ spec:
internalPort: 443 internalPort: 443
image: image:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
repository: earlyaccess.jfrog.io/nginx-artifactory-pro repository: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/nginx-artifactory-pro
labels: {} labels: {}
livenessProbe: livenessProbe:
enabled: true enabled: true

18
Openshift4/artifactory-ha-operator/deploy/hostpathscc.yaml Normal file
View File

@@ -0,0 +1,18 @@
kind: SecurityContextConstraints
apiVersion: v1
metadata:
name: hostpath
allowPrivilegedContainer: false
runAsUser:
type: RunAsAny
seLinuxContext:
type: RunAsAny
fsGroup:
type: RunAsAny
supplementalGroups:
type: RunAsAny
users:
- artifactory
groups:
- artifactory
- jfrog-artifactory

6
Openshift4/artifactory-ha-operator/deploy/imagestream-nginx.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
name: nginx-artifactory-pro
namespace: jfrog-artifactory

0
Openshift4/artifactory-ha-operator/deploy/imagestream.yaml → Openshift4/artifactory-ha-operator/deploy/imagestream-operator.yaml
View File

6
Openshift4/artifactory-ha-operator/deploy/imagestream-pro.yaml Normal file
View File

@@ -0,0 +1,6 @@
apiVersion: image.openshift.io/v1
kind: ImageStream
metadata:
name: artifactory-pro
namespace: jfrog-artifactory

13
Openshift4/artifactory-ha-operator/deploy/namespace.yaml
View File

@@ -2,16 +2,3 @@ kind: Namespace
apiVersion: v1 apiVersion: v1
metadata: metadata:
name: jfrog-artifactory name: jfrog-artifactory
selfLink: /api/v1/namespaces/jfrog-artifactory
uid: 402ec7e9-3ca2-11ea-bd94-0ef0e3c74fbe
resourceVersion: '523038'
creationTimestamp: '2020-01-21T23:03:34Z'
annotations:
openshift.io/sa.scc.mcs: 's0:c23,c2'
openshift.io/sa.scc.supplemental-groups: 1000510000/10000
openshift.io/sa.scc.uid-range: 1000510000/10000
spec:
finalizers:
- kubernetes
status:
phase: Active

4
Openshift4/artifactory-ha-operator/deploy/olm-catalog/artifactory-ha-operator/1.0.0/artifactory-ha-operator.v1.0.0.clusterserviceversion.yaml
View File

@@ -50,7 +50,7 @@ metadata:
}, },
"image": { "image": {
"pullPolicy": "IfNotPresent", "pullPolicy": "IfNotPresent",
"repository": "earlyaccess.jfrog.io/artifactory-pro" "repository": "image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/artifactory-pro"
}, },
"internalArtifactoryPort": 8081, "internalArtifactoryPort": 8081,
"internalPort": 8082, "internalPort": 8082,
@@ -348,7 +348,7 @@ metadata:
}, },
"image": { "image": {
"pullPolicy": "IfNotPresent", "pullPolicy": "IfNotPresent",
"repository": "earlyaccess.jfrog.io/nginx-artifactory-pro" "repository": "image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/nginx-artifactory-pro"
}, },
"labels": {}, "labels": {},
"livenessProbe": { "livenessProbe": {

1
Openshift4/artifactory-ha-operator/deploy/operator.yaml
View File

@@ -16,7 +16,6 @@ spec:
containers: containers:
- name: artifactory-ha-operator - name: artifactory-ha-operator
image: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/artifactory-ha image: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/artifactory-ha
#image: ubuntu
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: WATCH_NAMESPACE - name: WATCH_NAMESPACE

2
Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/Chart.yaml
View File

@@ -1,5 +1,5 @@
apiVersion: v1 apiVersion: v1
appVersion: 7.0.2 appVersion: 7.0.7
description: Universal Repository Manager supporting all major packaging formats, description: Universal Repository Manager supporting all major packaging formats,
build tools and CI servers. build tools and CI servers.
home: https://www.jfrog.com/artifactory/ home: https://www.jfrog.com/artifactory/

24
Openshift4/artifactory-ha-operator/helm-charts/openshift-artifactory-ha/values.yaml
View File

@@ -154,7 +154,7 @@ artifactory:
name: artifactory-ha name: artifactory-ha
image: image:
# repository: "docker.bintray.io/jfrog/artifactory-pro" # repository: "docker.bintray.io/jfrog/artifactory-pro"
repository: "earlyaccess.jfrog.io/artifactory-pro" repository: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/artifactory-pro
# Note that by default we use appVersion to get image tag # Note that by default we use appVersion to get image tag
# version: # version:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent
@@ -356,16 +356,16 @@ artifactory:
## Extra environment variables that can be used to tune Artifactory to your needs. ## Extra environment variables that can be used to tune Artifactory to your needs.
## Uncomment and set value as needed ## Uncomment and set value as needed
#extraEnvironmentVariables: | extraEnvironmentVariables: |
# - name: JF_SHARED_DATABSE_USERNAME - name: JF_SHARED_DATABSE_USERNAME
# value: "artifactory" value: "artifactory"
# - name: JF_SHARED_DATABASE_PASSWORD - name: JF_SHARED_DATABASE_PASSWORD
# valueFrom: valueFrom:
# secretKeyRef: secretKeyRef:
# name: {{ .Release.Name }}-postgresql name: {{ .Release.Name }}-postgresql
# key: postgresql-password key: postgresql-password
# - name: POSTGRES_DB - name: POSTGRES_DB
# value: "artifactory" value: "artifactory"
# TODO: Fix javaOpts for member nodes (currently uses primary settings for all nodes) # TODO: Fix javaOpts for member nodes (currently uses primary settings for all nodes)
systemYaml: | systemYaml: |
@@ -1054,7 +1054,7 @@ nginx:
gid: 107 gid: 107
image: image:
# repository: "docker.bintray.io/jfrog/nginx-artifactory-pro" # repository: "docker.bintray.io/jfrog/nginx-artifactory-pro"
repository: "earlyaccess.jfrog.io/nginx-artifactory-pro" repository: image-registry.openshift-image-registry.svc:5000/jfrog-artifactory/nginx-artifactory-pro
# Note that by default we use appVersion to get image tag # Note that by default we use appVersion to get image tag
# version: # version:
pullPolicy: IfNotPresent pullPolicy: IfNotPresent

25
Openshift4/artifactory-ha-operator/setup.sh Executable file
View File

@@ -0,0 +1,25 @@
#!/usr/bin/env bash
oc project default
oc apply -f helm-charts/openshift-artifactory-ha/pv-examples
oc apply -f deploy/project.yaml
oc apply -f deploy/namespace.yaml
oc project jfrog-artifactory
oc apply -f deploy/imagestream-nginx.yaml
oc apply -f deploy/imagestream-pro.yaml
oc apply -f deploy/imagestream-operator.yaml
oc patch image.config.openshift.io/cluster --type=merge --patch='{"spec":{"registrySources":{"insecureRegistries":["default-route-openshift-image-registry.apps-crc.testing"]}}}'
oc apply -f deploy/role.yaml
oc apply -f deploy/role_binding.yaml
oc apply -f deploy/service_account.yaml
oc apply -f deploy/securitycontextconstraints.yaml
oc adm policy add-scc-to-user scc-admin system:serviceaccount:jfrog-artifactory:artifactory-ha-operator
oc adm policy add-scc-to-user scc-admin system:serviceaccount:jfrog-artifactory:default
oc adm policy add-scc-to-user anyuid system:serviceaccount:jfrog-artifactory:artifactory-ha-operator
oc adm policy add-scc-to-user anyuid system:serviceaccount:jfrog-artifactory:default
oc adm policy add-scc-to-group anyuid system:authenticated
oc apply -f deploy/hostpathscc.yaml
oc patch securitycontextconstraints.security.openshift.io/hostpath --type=merge --patch='{"allowHostDirVolumePlugin": true}'
oc adm policy add-scc-to-user hostpath system:serviceaccount:jfrog-artifactory:artifactory-ha-operator
oc apply -f deploy/crds/charts.helm.k8s.io_openshiftartifactoryhas_crd.yaml
oc apply -f deploy/crds/charts.helm.k8s.io_v1alpha1_openshiftartifactoryha_cr.yaml
oc create secret generic artifactory-license --from-file=../artifactory.cluster.license

10
Openshift4/artifactory-ha-operator/unload.sh Executable file
View File

@@ -0,0 +1,10 @@
#!/usr/bin/env bash
oc project jfrog-artifactory
oc delete deployments --all
oc delete statefulsets --all
oc delete configmaps --all
oc delete deploymentconfigs --all
oc delete pods --all
oc delete svc --all
oc delete networkpolicies --all
oc delete pvc --all